A remote transaction with such a payment card, for example by internet, mail, fax, or telephone, usually involves providing a primary account number PAN written on one side of the payment card and some additional information, such as the expiration date of the payment card and/or the identity of the cardholder, written on the card.
In order to make remote transactions secure, it is usually also necessary to provide a card security code (CSC), also called a card verification value, which is used by the server for card verification operations. The security code is usually composed of 3 or 4 numbers written on the payment card, usually on the side of the card which is opposite the side bearing the primary account number PAN.
The numbers which compose the security code are determined for example by encrypting the primary account number PAN of the card, its expiration date, and a service code for the card, by a unique numeric key associated with the payment card, and keeping 3 or 4 digits of the result.
In this context, it is desirable to prevent the collection and/or reuse of security codes by unauthorized persons or agents who had access to the payment card information and have saved the primary account number PAN, the additional data, and the security code.
To this end, payment cards have been proposed that are provided with a display device for displaying a value of the security code, placed on one side of the payment card, in which the value of the security code is refreshed periodically to prevent or limit the reuse of the security code by unauthorized persons.
Document U.S. Pat. No. 7,954,705 shows an example of such a payment card and of a method for generating and displaying a security code for the payment card.
However, it is desirable to further improve the security of such payment cards, in particular so as to prevent or limit the possibility of reverse-engineering the payment card.